On Tue, 13 Oct 2009 21:21:42 -0500 (CDT), Al - Image Hosting Services <azick@xxxxxxxxxxxxxxxxxxxx> wrote: > Hi, > > On Wed, 14 Oct 2009, Amos Jeffries wrote: > >> Date: Wed, 14 Oct 2009 13:22:48 +1300 >> From: Amos Jeffries <squid3@xxxxxxxxxxxxx> >> To: Andres Salazar <ndrsslzr80@xxxxxxxxx> >> Cc: squid <squid-users@xxxxxxxxxxxxxxx> >> Subject: Re: https in transparent mode >> >> On Tue, 13 Oct 2009 18:28:15 -0500, Andres Salazar <ndrsslzr80@xxxxxxxxx> >> wrote: >>> Hello, >>> >>> Ive been searching for ways to conduct httpd through the transparent >>> mode of squid. This is because Id like to use squids ACLs not so much >>> as the caching that obviously doesnt work with this protocol. >>> >>> Are there ways I can proxy https? Ive heard somebody mention that it >>> is possible by specifying that it should go with a CONNECT method... >>> I tried searching the faq for an example of this but i wasnt >>> successful... >>> >>> Please advise.. >>> >>> Andres >> >> Squid will not do what you want. >> >> HTTPS was created and designed explicitly to prevent traffic interception >> security attacks (aka transparent mode proxies). >> >> CONNECT method is an HTTP plain wrapper only used when the browser knows >> it is talking to a proxy. > > But is there a universal way to make all browsers on an end users system > (like > windows or mac) use the CONNECT method? It seems like there should be a > way to > force this behavior. The only thing that I found is to have sort of a > script > that modifies the browsers config file, which means that I have to write > one > for each browser out there. > > Best Regards, > Al WPAD/PAC will do that. http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers#Fully_Automatically_Configuring_Browsers_for_WPAD Amos
